nvd-json-data-feeds/CVE-2019/CVE-2019-109xx/CVE-2019-10988.json

{
  "id": "CVE-2019-10988",
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "published": "2019-09-04T14:15:11.120",
  "lastModified": "2020-10-02T17:00:04.807",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported. Thus, any unmitigated vulnerability in the old operating system could be exploited to affect this product."
    },
    {
      "lang": "es",
      "value": "En Philips HDI 4000 Ultrasound Systems, todas las versiones que se ejecutan en sistemas operativos no compatibles y antiguos, como Windows 2000, el HDI 4000 Ultrasound System est\u00e1 construido sobre un sistema operativo antiguo que ya no es compatible. Por lo tanto, cualquier vulnerabilidad no mitigada en el sistema operativo antiguo podr\u00eda ser explotada para afectar este producto."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 3.4,
          "baseSeverity": "LOW"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 2.5
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.6
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-477"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:philips:hdi_4000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94AD579D-B72B-4010-B810-E1D5D025F0AA"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:philips:hdi_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7853823E-9546-4107-A7C4-36B11D0AE739"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.us-cert.gov/ics/advisories/icsma-19-241-02",
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ]
    }
  ]
}